| author | Werner Koch <[email protected]> | 2023-02-01 08:27:28 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2023-02-01 08:27:28 +0000 |
| commit | 8b8a8b246c443d5631a88ec59b88edf00aa0ff51 (patch) | |
| tree | e4ca830daaae89ce7ec0e7089c99b4042d3db145 /agent/findkey.c | |
| parent | gpg: New pseudo option full-help for --list-options et al. (diff) | |
ssh: Allow to define the order in which keys are returned.
* agent/findkey.c (public_key_from_file): Add arg r_sshorder.
(agent_ssh_key_from_file): Ditto.
* agent/command-ssh.c (struct key_collection_item_s): New.
(struct key_collection_s): New.
(search_control_file): Add arg r_lnr.
(add_to_key_array): New.
(free_key_array): New.
(compare_key_collection_items): New.
(ssh_send_available_keys): Rewrite to return the keys in the user
given order.
--
GnuPG-bug-id: 6212
We now first return the keys from active cards, followed by keys
listed in sshcontrol, finally from those with the "Use-for-ssh" key
attribute. Keys from active cards are returned sorted by their S/N.
Keys from sshcontrol are returned in the order they are given in that
file. Use-for-ssh keys are ordered by the value assigned to that key
attribute. The values for the latter are clamped at 99999.
Diffstat (limited to 'agent/findkey.c')
| -rw-r--r-- | agent/findkey.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/agent/findkey.c b/agent/findkey.c index 20962bd43..d3a3b335c 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -1422,10 +1422,11 @@ agent_raw_key_from_file (ctrl_t ctrl, const unsigned char *grip, /* Return the public key for the keygrip GRIP. The result is stored at RESULT. This function extracts the public key from the private key database. On failure an error code is returned and NULL stored - at RESULT. */ + at RESULT. If R_SSHORDER is not NULL the ordinal from the + Use-for-ssh attribute is stored at that address. */ static gpg_error_t public_key_from_file (ctrl_t ctrl, const unsigned char *grip, - gcry_sexp_t *result, int for_ssh) + gcry_sexp_t *result, int for_ssh, int *r_sshorder) { gpg_error_t err; int i, idx; @@ -1451,6 +1452,8 @@ public_key_from_file (ctrl_t ctrl, const unsigned char *grip, (void)ctrl; *result = NULL; + if (r_sshorder) + *r_sshorder = 0; err = read_key_file (grip, &s_skey, for_ssh? &keymeta : NULL); if (err) @@ -1470,6 +1473,8 @@ public_key_from_file (ctrl_t ctrl, const unsigned char *grip, if (!is_ssh) return gpg_error (GPG_ERR_WRONG_KEY_USAGE); + if (r_sshorder) + *r_sshorder = is_ssh; } for (i=0; i < DIM (array); i++) @@ -1565,15 +1570,15 @@ agent_public_key_from_file (ctrl_t ctrl, const unsigned char *grip, gcry_sexp_t *result) { - return public_key_from_file (ctrl, grip, result, 0); + return public_key_from_file (ctrl, grip, result, 0, NULL); } gpg_error_t agent_ssh_key_from_file (ctrl_t ctrl, const unsigned char *grip, - gcry_sexp_t *result) + gcry_sexp_t *result, int *r_order) { - return public_key_from_file (ctrl, grip, result, 1); + return public_key_from_file (ctrl, grip, result, 1, r_order); } |
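Review bot: The extended comment above public_key_from_file in the first hunk does not say what R_SSHORDER holds when the function fails or when FOR_SSH is zero. The second hunk initialises it to 0, so the contract should be written down, for example by adding `On error or if FOR_SSH is not set, 0 is stored at R_SSHORDER.` to the comment. The commit message mentions a clamp at 99999 that is not visible in this file's diff; if that bound is enforced elsewhere, naming the valid range here would let the sorting code rely on it. The function body continues outside the hunk.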
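Review bot: In the third hunk `*r_sshorder = is_ssh;` hands out a variable whose name reads as a boolean but now carries the sort ordinal, and the only visible guard is `if (!is_ssh)`, which rejects zero but not a negative value. The assignment to is_ssh lies outside the hunk, so the value is presumably already bounded where the Use-for-ssh attribute is parsed from the key file; that should be confirmed, because the value comes from on-disk metadata and is then used for ordering. A short comment at the store, such as `/* IS_SSH holds the Use-for-ssh ordinal here; it is > 0.  */`, or renaming the local, would make the dual use explicit.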
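Review bot: agent_ssh_key_from_file gains the out-parameter `r_order` in the last hunk, but nothing visible in the hunk documents it, and the name differs from `r_sshorder` used by public_key_from_file for the same value. If the function has no header comment outside the hunk, I would add `/* Like agent_public_key_from_file but only for keys usable with ssh; if R_ORDER is not NULL the Use-for-ssh ordinal is stored there.  */` and use one parameter name in both places. This is an exported function whose signature changes, so the prototype and all callers must change in the same commit; this page is limited to agent/findkey.c, so that cannot be checked here.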
